Description

An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able to read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.
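To illustrate the class of check the description refers to, here is an added example (not HAProxy's own code) of parsing one answer-section resource record while bounding every read by the number of bytes actually received, so a declared 16-byte AAAA RDATA that did not arrive is rejected instead of being read from uninitialised buffer space. The function and struct names, the compression-pointer assumption, and the sample bytes are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>

#define DNS_TYPE_AAAA 28      /* RR type code for AAAA (RFC 3596) */
#define DNS_AAAA_RDLEN 16     /* an IPv6 address is always 16 bytes */

/* Parsed view of one resource record in the answer section. */
struct dns_rr {
    uint16_t type;
    uint16_t rdlength;
    const unsigned char *rdata;   /* points into the response buffer */
};

/* Parse one RR starting at *off. Each field is checked against resp_len
 * (the byte count actually received), never against the capacity of the
 * receive buffer, so a short or crafted response cannot make the caller
 * read uninitialised bytes or run past the end of the buffer.
 * Returns 0 on success and advances *off; returns -1 on truncation.
 * Assumption (this example only): the owner name is a 2-byte compression
 * pointer, as is usual in answer sections; a full label walker is omitted. */
int dns_parse_rr(const unsigned char *resp, size_t resp_len,
                 size_t *off, struct dns_rr *rr)
{
    size_t p = *off;
    if (p + 2 > resp_len || (resp[p] & 0xC0) != 0xC0)
        return -1;                              /* name pointer missing */
    p += 2;
    if (p + 10 > resp_len)                      /* TYPE CLASS TTL RDLENGTH */
        return -1;
    rr->type     = (uint16_t)((resp[p] << 8) | resp[p + 1]);
    rr->rdlength = (uint16_t)((resp[p + 8] << 8) | resp[p + 9]);
    p += 10;
    /* The check that matters here: RDATA must lie inside the received bytes,
     * otherwise the declared length would pull data from beyond the payload. */
    if (rr->rdlength > resp_len - p)
        return -1;
    if (rr->type == DNS_TYPE_AAAA && rr->rdlength != DNS_AAAA_RDLEN)
        return -1;                              /* malformed AAAA record */
    rr->rdata = resp + p;
    *off = p + rr->rdlength;
    return 0;
}

/* Constructed sample (not captured traffic): one AAAA answer whose owner is a
 * pointer to offset 12 (0xC00C), class IN, TTL 60, RDLENGTH 16, RDATA
 * 2001:db8::1. The 12-byte header and question section are omitted. */
const unsigned char sample_aaaa_rr[28] = {
    0xC0, 0x0C, 0x00, 0x1C, 0x00, 0x01, 0x00, 0x00, 0x00, 0x3C, 0x00, 0x10,
    0x20, 0x01, 0x0D, 0xB8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1
};
```

Passing the same bytes with a shorter resp_len models a response cut off mid-RDATA: the parser refuses it rather than handing back 16 bytes of which only a few were ever written.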
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
- SUSE-SU-2019:0061-1, published Thu Jan 10 13:16:51 MST 2019
- openSUSE-SU-2019:0044-1, published Sat, 12 Jan 2019 03:14:31 +0100 (CET)
List of released packages
|Product(s)|Fixed package version(s)|References|
|---|---|---|
|SUSE Linux Enterprise High Availability 15| |Patchnames:|
|openSUSE Leap 15.0| |Patchnames:|
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.
|Product|Package|Status|
|---|---|---|
|HPE Helion OpenStack 8|haproxy|Not affected|
|SUSE Linux Enterprise High Availability 12 GA|haproxy|Not affected|
|SUSE Linux Enterprise High Availability 12 SP2|haproxy|Not affected|
|SUSE Linux Enterprise High Availability 12 SP3|haproxy|Not affected|
|SUSE Linux Enterprise High Availability 12 SP4|haproxy|Not affected|
|SUSE Linux Enterprise High Availability 15 GA|haproxy|Already fixed|
|SUSE Linux Enterprise Server for SAP Applications 12 GA|haproxy|Not affected|
|SUSE Linux Enterprise Server for SAP Applications 12 SP2|haproxy|Not affected|
|SUSE Linux Enterprise Server for SAP Applications 12 SP4|haproxy|Not affected|
|SUSE OpenStack Cloud 7|haproxy|Not affected|
|SUSE OpenStack Cloud 8|haproxy|Not affected|